TN-939: Hacker Techniques, Exploits, and Incident Handling Course

Course Overview:

A skills focus enables the student to better absorb the subject matter and perform successfully on the exam. This is not death by power point. The course is aligned with information assurance operators and executing hands-on labs. Lecture and labs walk the student through the knowledge required to truly understand the mechanics of the attacks and the effectiveness. Students then gain network experience and use sniffing to help exemplify the benefit of learning wired and wireless security configurations. The course concludes with exercising real attack strategies to demonstrate the techniques acquired throughout the course.

Attendees to TN-939: Hacker Techniques, Exploits, and Incident Handling will receive TechNow approved course materials and expert instruction.

Date/Locations:

No Events

Duration: 9 days

Course Objectives:

Backdoors & Trojan Horses
Buffer Overflows
Covering Tracks: Networks
Covering Tracks: Systems
Denial of Service Attacks
Exploiting Systems Using Netcat
Format String Attacks
Incident Handling Overview and Preparation
Incident Handling Phase 2: Identification
Incident Handling Phase 3: Containment
Incident Handling: Recovering and Improving Capabilities
IP Address Spoofing
Network Sniffing
Password Attacks
Reconnaissance
Rootkits
Scanning: Host Discovery
Scanning: Network and Application Vulnerability scanning and tools
Scanning: Network Devices (Firewall rules determination, fragmentation, and IDS/IPS evasion)
Scanning: Service Discovery
Session Hijacking, Tools and Defenses
Types of Incidents
Virtual Machine Attacks
Web Application Attacks
Worms, Bots & Bot-Nets

Prerequisites:

GSEC or equivalent experience
UNIX, Windows, Networking, and Security Experience
This is a hands-on skill course requiring comfort with command line interaction and network communications

Comments

Latest comments from students

User: m_jurrens

Instructor comments: Both instructors Mr. Askey and Mr. Hackney, were very good. the open learning environment was extremely productive and I felt we all learned far more that we ever would out of a structured rote memorization course.

User: natebonds

Instructor comments: Both Mr. Askey and Hackney were extremely knowledgeable. They were also extremely interested in helping each student learn. I was particularly impressed with the way they tailored the course to optimize our time since we weren't testing. I feel like I know much much more than I did when the class started.

Facilities comments: The facilities were fine. I would have preferred it be closer to Lackland.

Liked the class? Then let everyone know!

PA-242: Palo Alto Networks Firewall Manage Cyberthreats (EDU-231)

Course Overview: PA-242: Palo Alto Networks Firewall Manage Cyberthreats (EDU-231) Training Class is a two-day course that teaches students strategies in defense against cyberthreats. Successful completion of this course enables administrators to better understand the threat landscape. This is not a virtualized theoretical course. This is hands-on, real world instruction, directly relevant to the DoD and Commercial implementations of Palo Alto Networks next-generation firewalls.

Each student is issued a physical Palo Alto firewall and a Cisco layer 3 switch at their desk. Real hardware per student for real experience and real skill development. TechNow provides a very comprehensive client infrastructure that includes Windows, Linux, and multiple packet sniffer agents.

The instructor for this course has been a lead in Unix kernel development to implement firewall and intrusion detection technologies. Additionally, the instructor has taught several security appliance products and carries several SANS, ISC2, ISACA, Cisco, Unix, and Windows certifications.

Attendees to the PA-242: Palo Alto Networks Firewall Manaage Cyberthreats (EDU-231) Training Course will receive TechNow approved course materials and expert instruction.

Dates/Locations: No Events

Duration: 2 days

Course Objectives: Students attending this training course will gain an understanding of cyberthreats and their characteristics. Students will learn how to manage cyberthreats using security policies, profiles, and signatures to protect their network against emerging threats.

Day 1

Mod 1: Threat Landscape
- Advanced Persistent
- Threats
- Data Breaches and Tactics
- Threat Management
- Strategies
Mod 2: Integrated
- Approach to Threat
- Protection
- Integrated Approach to
- Protection
- Next-Generation Firewall
- Advanced Endpoint
- Protection
Mod 3: Network Visibility
- Zero Trust Model
- SSL Decryption
- Decryption Policy
Mod 4: Reducing the Attack
- Surf
- ection

Day 2

Mod 5: Handling Known
- Threats
- WildFire Analysis
- Security Profiles
Mod 6: Handling Unknown
- Traffic and Zero-Day Exploits
- WildFire
- Researching Threat Events
- Identifying Unknown
- Applications
Mod 7: Investigating
- Breaches
- Identify IOCs Using
- App-Scope
- Log Correlation
- Finding Infected Host
Mod 8: Using Custom
- Signatures
- Creating Custom App-IDs
- Threat Signatures

A

Prerequisites:

Students must complete the PA-213: Install, Configure, and Manage course
Understanding of network concepts, including routing, switching, and IP addressing
In-depth knowledge of port-based security and security technologies such as IPS, proxy, and content filtering

This course is in no way associated with Palo Alto Networks, Inc.

Comments

Latest comments from students

Like the class? Then let everyone know!

Unix/Linux

Over twenty years experience in the area of Solaris, Linux, and Unix ensures that you are benefiting from a very mature and successful Solaris, Linux, and Unix training program. TechNow offers the full suite of Solaris, Linux, and Unix courses utilizing real hardware. This is not virtualized Solaris on Intel processors, or remote connection to a distant system. The student learns to deal with real hardware taking advantage of Sparc T series processors. Solaris 10 and Solaris 11 is taught hands-on with data center skills as the focus. We also offer Solaris 10 migration courses to Solaris 10 or Solaris 11.

The following is a list of our Unix/Linux training courses:

RH-355: RHCSA Rapid Track Course

Course Overview:

The RHCSA Rapid Track Course is designed for experienced Linux® system administrators who want to expand their technical skill sets and become accredited with the Red Hat® Certified System Administration (RHCSA) certification. To successfully navigate this course, students should have experience with the Linux command line—including the necessary skills to execute common commands, such as cp, grep, sort, mkdir, tar, mkfs, ssh, and dnf—and be familiar with accessing man pages for help. At the completion of the course, students will be adequately prepared to take the RHCSA exam (EX200) .

Date/Locations:

No Events

Duration: 5 days

Course Objectives:

Introduce Linux and the Red Hat Enterprise Linux ecosystem.
Run commands and view shell environments.
Manage, organize, and secure files.
Manage users, groups and user security policies.
Control and monitor systemd services.
Configure remote access using the web console and SSH.
Configure network interfaces and settings.
Manage software using DNF
Access security files, file systems, and networks
Execute shell scripting and automation techniques
Manage storage devices, logical volumes, and file systems
Manage security and system access
Control the boot process and system services
Running containers

Prerequisites:

Experience in the field system administration.

Comments

Latest comments from students

Liked the class? Then let everyone know!

Specialized

TechNow provides an array of courses to meet our customer's requirements. Courses that do not fit into our major course categories and custom or specialized courses appear here.

Here are courses about specilaized Software or Hardware: